|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Sharing an Internet Connection
|
>From personal experience, I think the easiest route for him would be
the first one with the old PC. You would need maybe 3 NIC's at the
most (if you wanted to segregate the 2 internal networks). 2 NIC's if
you don't need to.
There are distributions that specialize in NAT, FW, QoS, etc.
monowall, pfSense (both built on BSD actually). Both are easy to use
and work well. The easiest I found to work with is smoothwall.
Download the Express edition from smoothwall.org. It's a Linux base,
all OSS and you get constant updates when you register (free). The
install is one of the easiest I've ever seen. It steps you through
pretty much everything, with automatic NIC setup as well (choosing
which NIC goes to what connection).
The web interface is gorgeous and simple to navigate and setup. You
can also still login to it via SSH / console and muck around manually
at the command line if you want. I have smoothwall running on a 300
MHz AMD-K6, 64 MB with a 2.5 GB drive and I've gone as low as a Pentium
133 MMX, 32 MB, 2 GB to run it on. It still performed well enough.
The most important features for me were the QoS (favor VoIP traffic
over P2P, IM, Mail, FTP, etc.). Also the ability to segment my
wireless network was important. If you want more fine grained
bandwidth controls, go with pfSense. You can set percentages, traffic
loads, etc. SmoothWall just lets you prioritize traffic, but it works
quite well.
Just my $0.02.
Chad
holdenergy wrote:
To Mark, Marty, Stephen, James - I really appreciate the
time you put into replying.
Of course I was not very specific about the type of security and
logging I am looking for but I think James you hit the nail on the head
with the comment about your brother soaking everything up with
Bittorrent. We're not dealing with HIPAA or DoD or anything like that.
>From your replies it seems there are 2 distinct routes (no pun
intended) - one is to use the old desktop machine and load it up with a
bunch of NICs but then getting into the guts of tc and fwbuilder would
take me years (ask me how long I've been messing with Asterisk....no,
on second thoughts don't!).
The other way would be to install DD-WRT onto a router, and there it
seems the best method might be to purchase a new Buffalo unit already
loaded with the software since I don't currently have a router suitable
for that anyway. More expensive than the homebrew method James
mentioned but much, much quicker for me.
Once again, thank you all for your insight,
-Andrew
Date: Sun, 6 Jan 2008 10:45:58
To:plug@lists.phillylinux.org
Subject: [PLUG] Sharing an Internet Connection
Hi - What might be the quickest/cheapest/easiest way to securely share
an internet connection.
Let me explain. In a shared community with only one DSL connection,
multiple different entities connected through one DSL connection but
requiring that records be kept for each port, so that in the extreme
case of a visit from FBI/RIAA etc only that port is an issue. Ideally
getting 2 IPs from the DSL provider would be perfect but that adds $$
if they'd even do it.
Furthermore, we don't want one entity soaking up all available
bandwidth, so what would be the device to throttle each port to a
certain percentage of available, and we actually want to maintain a
certain port dedicated for VOIP to ensure quality of service even if
the DSL is otherwise at capacity.
I have not seen these features in consumer grade routers and I am not
sure how far we have to step up to get it, or is there a Linux solution
for which I'd be happy to re-purpose an old PC or laptop.
Thanks for any help,
-Andrew
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|